[OPLINTECH] Potential Computer Vandalism

Wed Nov 20 10:29:07 EST 2013

If the settings that password protect the hard drive are in the BIOS, I
would try removing the CMOS battery for a period of time - say half an hour
or more, and also pressing the power button while it is unplugged to clear
out any residual power in the system. Once it has been drained and the
battery removed for half an hour or more, try putting the battery back in
and see what you get. Removing power from the BIOS for a decent period of
time SHOULD revert all settings to default.

If the BIOS wasn't locked down, there is also the possibility that someone
actually flashed the BIOS with a different version. If what I mentioned
above doesn't work, I'm not sure what you could do other than talking to
your computer manufacturer to see if there are any back doors in the BIOS
that you can use, or if there is a way to flash the BIOS with the standard
version for that computer.

On Wed, Nov 20, 2013 at 10:16 AM, Mike Hensel <henselmi at oplin.org> wrote:

> Ron:
>
>
>
> I cleared the CMOS jumpers on the motherboard which allows me to at least
> get to the Bios but once I’m there I cannot change or turnoff the HD
> password because I don’t know it – it has been set by the individuals that
> locked up the machines – at least that’s my guess.  I tried my admin
> passwords but they don’t seem to work.
>
>
>
> I read online that Dell may have a backdoor password so I may give them a
> call.
>
>
>
> Mike Hensel
>
> Director, MLIS
>
> London Public Library
>
> 20 E. First Street
>
> London, OH 43140
>
> www.mylondonlibrary.org
>
> 740-852-9543
>
> Mobile 614-325-1429
>
>
>
> *From:* Ron Woods [mailto:woodsro at oplin.org]
> *Sent:* Wednesday, November 20, 2013 10:09 AM
> *To:* 'Mike Hensel'; oplintech at oplin.org
> *Subject:* RE: [OPLINTECH] Potential Computer Vandalism
>
>
>
> Hi,
>
>
>
> is this a boot password that’s stored in the BIOS? Or some kind of
> encryption on the hard drive?
>
>
>
> Does clearing the CMOS jumper on the motherboard remove the password? I
> wouldn’t think you have to replace the hard drive to clear a BIOS boot
> password, all that should be required is clearing the CMOS jumper pins on
> the motherboard…unless were talking about some kind of hard drive boot
> encryption set with a password?
>
>
>
>
>
> Ron Woods
>
> Computer Services Manager
>
> St. Clairsville Public Library
>
> (740)-695-2062
>
> http://www.stclibrary.org
>
>
>
>
>
>
>
> *From:* oplintech-bounces at lists.oplin.org [
> mailto:oplintech-bounces at lists.oplin.org<oplintech-bounces at lists.oplin.org>]
> *On Behalf Of *Mike Hensel
> *Sent:* Wednesday, November 20, 2013 9:21 AM
> *To:* oplintech at lists.oplin.org
> *Subject:* [OPLINTECH] Potential Computer Vandalism
>
>
>
> OPLINTech Libraries:
>
>
>
> I’ve got a situation where one of my patron computers last week booted up
> with a Security Manager Screen that basically needed a password to boot
> from the hard drive.  We run DeepFreeze on all of the computers.  I
> eventually had to get another hard drive sent from Dell.  Last night 5 more
> computers displayed the same message.  We lock the computers down with
> policies as well.  I have not seen any virus alerts pop up in Symantec.  We
> run Symantec Endpoint.  I don’t believe we had the bios locked down so the
> only thing I can think of is someone logged into the bios and setup an
> password on access to the HD which is leaving our machines dead.
>
>
>
> Has anyone run across this scenario and is there any easy fixes besides
> getting a new hard drive and rebuilding the machine.   I’m trying to
> determine if it was a local hack (patron at each machine) or virus.
>
>
>
> Any help would be appreciated.
>
>
>
> Mike Hensel
>
> Director, MLIS
>
> London Public Library
>
> 20 E. First Street
>
> London, OH 43140
>
> www.mylondonlibrary.org
>
> 740-852-9543
>
> Mobile 614-325-1429
>
>
>
> _______________________________________________
> OPLINTECH mailing list
> OPLINTECH at lists.oplin.org
> http://lists.oplin.org/mailman/listinfo/oplintech
> Search: http://oplin.org/techsearch
>
>

-- 
Ken Butler
hcotech at holmeslib.org
Head of Information Technology
Holmes County District Public Library
3102 Glen Drive
Millersburg, OH 44654
PH: 330-674-5972 ext 224
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20131120/ca594ece/attachment.html>